Article Details
Scrape Timestamp (UTC): 2023-12-14 23:31:30.687
Original Article Text
Click to Toggle View
Kraft Heinz investigates hack claims, says systems ‘operating normally’. Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site. Kraft Heinz is one of the world's largest food and beverage companies, with over 37,000 employees operating out of 40 countries. The company owns numerous well-known brands, including Oscar Mayer, Kool-Aid, Philadelphia, Lunchables, Maxwell House, and many more. In a post to Snatch extortion group's data leak site dated August 16th, but not made visible until today, the threat actors claim that they breached Kraft Heinz. When extortion groups list a company on their data leak sites, it indicates that they stole data in a cyberattack and would soon leak it if a ransom is not paid. However, Snatch has not provided proof of the breach, with the files section devoid of screenshots of stolen data. In a statement to BleepingComputer, Kraft Heinz said they are investigating whether a cyberattack on a decommissioned marketing website is related to Snatch's claims but that they are not experiencing any issues on their corporate network. "We are reviewing claims that a cyberattack occurred several months ago on a decommissioned marketing website hosted on an external platform, but are currently unable to verify those claims," a Kraft Heinz spokesperson told BleepingComputer. "Our internal systems are operating normally, and we currently see no evidence of a broader attack." Snatch, a ransomware gang which launched in 2018, was one of the first groups to set up a data leak site to use stolen data as leverage in their extortion demands. In 2021, threat actors known as "Snatch Team" set up a new data leak site, stating that they were unaffiliated with the previous ransomware group and did not perform encryption attacks. However, a report by CISA disputes these claims, stating that data from confirmed ransomware victims have appeared on Snatch Team’s website along with data from other ransomware operations’ attacks.
Daily Brief Summary
Kraft Heinz is investigating claims of a cyberattack on a decommissioned marketing website after being listed on Snatch extortion group's data leak site.
Snatch announced they breached Kraft Heinz, but no evidence or stolen data has been provided to substantiate these claims.
As one of the largest food and beverage companies, Kraft Heinz operates globally with well-known brands such as Oscar Mayer and Philadelphia.
Despite the extortion group's assertions, Kraft Heinz reports that their internal systems are functioning normally with no signs of a broader cyberattack.
Snatch, historically known for ransomware activities, claims to have shifted focus from encrypting victims' files to solely data exfiltration and extortion.
The United States Cybersecurity and Infrastructure Security Agency (CISA) identifies data on Snatch's website originating from both their operations and other ransomware groups, which contradicts Snatch Team's claim of not engaging in ransomware attacks.